CVE-2017-14058 log
| Source |
|
| Severity | Medium |
| Remote | Yes |
| Type | Denial of service |
| Description | In FFmpeg 3.3.3, the read_data function in libavformat/hls.c does not restrict reload attempts for an insufficient list, which allows remote attackers to cause a denial of service (infinite loop). |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-405 | ffmpeg2.8 | 2.8.12-1 | 2.8.13-1 | Medium | Fixed | |
| AVG-400 | ffmpeg | 1:3.3.3-2 | 1:3.3.4-1 | Medium | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 28 Sep 2017 | ASA-201709-23 | AVG-405 | ffmpeg2.8 | Medium | denial of service |
| 15 Sep 2017 | ASA-201709-10 | AVG-400 | ffmpeg | Medium | denial of service |
| References |
|---|
https://github.com/FFmpeg/FFmpeg/commit/7ec414892ddcad88313848494b6fc5f437c9ca4a |